build: Pin transitive dependencies for tlsn alpha.12 (#115)

* chore: update config options

* Alpha.12
---------

Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>

.github/workflows/ci.yaml

@@ -13,9 +13,7 @@ jobs:
       RELEASE_MODE: 'dry-run' # dry-run by default, will be set to 'publish' for release builds
     services:
       notary-server:
-        image: ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.11
-        env:
-          NOTARY_SERVER__TLS__ENABLED: false
+        image: ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.12
         ports:
           - 7047:7047
     steps:

.github/workflows/playwright.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       notary-server:
-        image: ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.11
+        image: ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.12
         env:
           NOTARY_SERVER__TLS__ENABLED: false
         ports:

demo/interactive-demo/prover-rs/Cargo.toml

@@ -8,25 +8,31 @@ async-tungstenite = { version = "0.25", features = ["tokio-runtime"] }
 futures = "0.3"
 http = "1.1"
 http-body-util = "0.1"
-hyper = {version = "1.1", features = ["client", "http1"]}
-hyper-util = {version = "0.1", features = ["full"]}
+hyper = { version = "1.1", features = ["client", "http1"] }
+hyper-util = { version = "0.1", features = ["full"] }
 regex = "1.10.3"
-tokio = {version = "1", features = [
+tokio = { version = "1", features = [
   "rt",
   "rt-multi-thread",
   "macros",
   "net",
   "io-std",
   "fs",
-]}
+] }
 tokio-util = { version = "0.7", features = ["compat"] }
 tracing = "0.1.40"
-tracing-subscriber = { version ="0.3.18", features = ["env-filter"] }
+tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
 uuid = { version = "1.4.1", features = ["v4", "fast-rng"] }
 ws_stream_tungstenite = { version = "0.13", features = ["tokio_io"] }
 
-tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-core" }
-tlsn-prover = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-prover" }
-tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-common" }
-spansy = {git = "https://github.com/tlsnotary/tlsn-utils", package = "spansy", branch = "dev"}
+tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-core" }
+tlsn-prover = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-prover" }
+tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-common" }
+spansy = { git = "https://github.com/tlsnotary/tlsn-utils", package = "spansy", branch = "dev" }
 rangeset = "0.2.0"
+
+# --- Transitive dependency pins (for TLSNotary alpha.12)---
+aes = "=0.9.0-rc.0"
+cipher = "=0.5.0-rc.0"
+crypto-common = "=0.2.0-rc.3"
+inout = "=0.2.0-rc.5"

demo/interactive-demo/prover-rs/src/main.rs

@@ -28,7 +28,7 @@ const MAX_RECV_DATA: usize = 1 << 14;
 
 const SECRET: &str = "TLSNotary's private key 🤡";
 /// Make sure the following url's domain is the same as SERVER_DOMAIN on the verifier side
-const SERVER_URL: &str = "https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.11/crates/server-fixture/server/src/data/1kb.json";
+const SERVER_URL: &str = "https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.12/crates/server-fixture/server/src/data/1kb.json";
 
 #[tokio::main]
 async fn main() {

demo/interactive-demo/prover-ts/src/app.tsx

@@ -6,7 +6,7 @@ import { Prover as TProver } from 'tlsn-js';
 import { type Method } from 'tlsn-wasm';
 import './app.scss';
 import { HTTPParser } from 'http-parser-js';
-import { Commit, mapStringToRange, subtractRanges } from 'tlsn-js';
+import { Reveal, mapStringToRange, subtractRanges } from 'tlsn-js';
 
 const { init, Prover }: any = Comlink.wrap(
   new Worker(new URL('./worker.ts', import.meta.url)),
@@ -17,7 +17,7 @@ const root = createRoot(container!);
 
 root.render(<App />);
 
-const serverUrl = 'https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.11/crates/server-fixture/server/src/data/1kb.json';
+const serverUrl = 'https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.12/crates/server-fixture/server/src/data/1kb.json';
 // const websocketProxyUrl = `wss://notary.pse.dev/proxy`;
 const websocketProxyUrl = 'ws://localhost:55688';
 const verifierProxyUrl = 'ws://localhost:9816/verify';
@@ -95,7 +95,7 @@ function App(): ReactElement {
       console.log("test", body.information.address.street);
 
       console.time('reveal');
-      const reveal: Commit = {
+      const reveal: Reveal = {
         sent: subtractRanges(
           { start: 0, end: sent.length },
           mapStringToRange(
@@ -121,6 +121,7 @@ function App(): ReactElement {
             Buffer.from(recv).toString('utf-8'),
           ),
         ],
+        server_identity: true,
       };
       console.log('Start reveal:', reveal);
       await prover.reveal(reveal);

demo/interactive-demo/verifier-rs/Cargo.toml

@@ -17,22 +17,28 @@ hyper = { version = "1.1", features = ["client", "http1", "server"] }
 hyper-util = { version = "0.1", features = ["full"] }
 serde = { version = "1.0.147", features = ["derive"] }
 sha1 = "0.10"
-tokio = {version = "1", features = [
+tokio = { version = "1", features = [
   "rt",
   "rt-multi-thread",
   "macros",
   "net",
   "io-std",
   "fs",
-]}
+] }
 tokio-util = { version = "0.7", features = ["compat"] }
 tower = { version = "0.4.12", features = ["make"] }
 tower-service = { version = "0.3" }
 tracing = "0.1.40"
-tracing-subscriber = { version ="0.3.18", features = ["env-filter"] }
+tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
 ws_stream_tungstenite = { version = "0.13", features = ["tokio_io"] }
 
-tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-core" }
-tlsn-verifier = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-verifier" }
-tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.11", package = "tlsn-common" }
+tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-core" }
+tlsn-verifier = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-verifier" }
+tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-common" }
 tower-util = "0.3.1"
+
+# --- Transitive dependency pins (for TLSNotary alpha.12)---
+aes = "=0.9.0-rc.0"
+cipher = "=0.5.0-rc.0"
+crypto-common = "=0.2.0-rc.3"
+inout = "=0.2.0-rc.5"

demo/react-ts-webpack/README.md

@@ -75,5 +75,4 @@ If you want to use the hosted PSE notary and proxy:
 3. **Open the demo in your browser:**  
    Go to [http://localhost:8080](http://localhost:8080)
 4. **Click the "Start demo" button**
-5. **Open Developer Tools** and monitor the console logs
-œœ
+5. **Open Developer Tools** and monitor the console logs

demo/react-ts-webpack/src/app.tsx

@@ -26,13 +26,13 @@ root.render(<App />);
 const local = true; // Toggle between local and remote notary
 const notaryUrl = local
   ? 'http://localhost:7047'
-  : 'https://notary.pse.dev/v0.1.0-alpha.11';
+  : 'https://notary.pse.dev/v0.1.0-alpha.12';
 const websocketProxyUrl = local
   ? 'ws://localhost:55688'
   : 'wss://notary.pse.dev/proxy?token=raw.githubusercontent.com';
 const loggingLevel = 'Info'; // https://github.com/tlsnotary/tlsn/blob/main/crates/wasm/src/log.rs#L8
 
-const serverUrl = 'https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.11/crates/server-fixture/server/src/data/1kb.json';
+const serverUrl = 'https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.12/crates/server-fixture/server/src/data/1kb.json';
 const serverDns = 'raw.githubusercontent.com';
 
 function App(): ReactElement {
@@ -127,7 +127,7 @@ function App(): ReactElement {
       secretsHex: notarizationOutputs.secrets,
       notaryUrl: notarizationOutputs.notaryUrl,
       websocketProxyUrl: notarizationOutputs.websocketProxyUrl,
-      reveal: commit,
+      reveal: { ...commit, server_identity: false },
     })) as TPresentation;
 
     console.log(await presentation.serialize());

demo/web-to-web-p2p/src/app.tsx

@@ -29,7 +29,7 @@ let verifierLogs: string[] = [];
 const p2pProxyUrl = 'ws://localhost:3001';
 const serverDns = 'raw.githubusercontent.com';
 const webSocketProxy = `wss://notary.pse.dev/proxy?token=${serverDns}`;
-const requestUrl = `https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.11/crates/server-fixture/server/src/data/1kb.json`;
+const requestUrl = `https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.12/crates/server-fixture/server/src/data/1kb.json`;
 
 function App(): ReactElement {
   const [ready, setReady] = useState(false);
@@ -200,7 +200,7 @@ function App(): ReactElement {
         ),
       ],
     };
-    await prover.reveal(commit);
+    await prover.reveal({ ...commit, server_identity: false });
     addProverLog('Data revealed to verifier');
 
     const result = await verified;
@@ -225,7 +225,7 @@ function App(): ReactElement {
           This demo showcases peer-to-peer communication between a web prover
           and a web verifier using TLSNotary. The prover fetches data from{' '}
           <a
-            href="https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.11/crates/server-fixture/server/src/data/1kb.json"
+            href="https://raw.githubusercontent.com/tlsnotary/tlsn/refs/tags/v0.1.0-alpha.12/crates/server-fixture/server/src/data/1kb.json"
             target="_blank"
             rel="noopener noreferrer"
             className="underline text-blue-400 hover:text-blue-300"

package-lock.json

@@ -1,15 +1,15 @@
 {
   "name": "tlsn-js",
-  "version": "0.1.0-alpha.11.0",
+  "version": "0.1.0-alpha.12.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "tlsn-js",
-      "version": "0.1.0-alpha.11.0",
+      "version": "0.1.0-alpha.12.0",
       "license": "ISC",
       "dependencies": {
-        "tlsn-wasm": "0.1.0-alpha.11"
+        "tlsn-wasm": "0.1.0-alpha.12"
       },
       "devDependencies": {
         "@playwright/test": "^1.52.0",
@@ -10728,9 +10728,9 @@
       }
     },
     "node_modules/tlsn-wasm": {
-      "version": "0.1.0-alpha.11",
-      "resolved": "https://registry.npmjs.org/tlsn-wasm/-/tlsn-wasm-0.1.0-alpha.11.tgz",
-      "integrity": "sha512-3QjS5BaPwjZiPwAjMs7ZVSuCOXjvxyxEIPQdDbGa3G5drXu2rfu15zJvDEnrb/SneXD8+/Qk1ZSiB7eYjXBSmQ==",
+      "version": "0.1.0-alpha.12",
+      "resolved": "https://registry.npmjs.org/tlsn-wasm/-/tlsn-wasm-0.1.0-alpha.12.tgz",
+      "integrity": "sha512-0HlhM466ewogualMmpevFAgfWfUh1qwt/RjbOKSQiE+EPK99x8BrMBlChAxjnCxWpuUaDfaVEXTEPF07RYBtuQ==",
       "license": "MIT OR Apache-2.0"
     },
     "node_modules/to-buffer": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "tlsn-js",
-  "version": "0.1.0-alpha.11.0",
+  "version": "0.1.0-alpha.12.0",
   "description": "",
   "repository": "https://github.com/tlsnotary/tlsn-js",
   "main": "build/lib.js",
@@ -16,7 +16,7 @@
     "build:src": "webpack --config webpack.build.config.js",
     "build:types": "tsc --project tsconfig.compile.json",
     "build:lib": "NODE_ENV=production concurrently npm:build:src npm:build:types",
-    "build:wasm": "sh tlsn-wasm/build.sh v0.1.0-alpha.11",
+    "build:wasm": "sh tlsn-wasm/build.sh v0.1.0-alpha.12",
     "build": "npm run build:lib",
     "watch:dev": "webpack --config webpack.web.dev.config.js --watch",
     "dev": "concurrently npm:watch:dev npm:serve:test",
@@ -24,7 +24,7 @@
     "lint:tsc": "tsc --noEmit",
     "lint": "concurrently npm:lint:tsc npm:lint:eslint",
     "test": "playwright test",
-    "notary": "docker run --platform=linux/amd64 -p 7047:7047 --rm ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.11"
+    "notary": "docker run --platform=linux/amd64 -p 7047:7047 --rm ghcr.io/tlsnotary/tlsn/notary-server:v0.1.0-alpha.12"
   },
   "devDependencies": {
     "@playwright/test": "^1.52.0",
@@ -67,6 +67,6 @@
     "node": ">= 16.20.2"
   },
   "dependencies": {
-    "tlsn-wasm": "0.1.0-alpha.11"
+    "tlsn-wasm": "0.1.0-alpha.12"
   }
 }

playwright-test/full-integration.spec.ts

@@ -13,7 +13,7 @@ test('full-integration', async ({ page }) => {
   const json = await page.getByTestId('full-integration').innerText();
   const { sent, recv, server_name, version, meta } = JSON.parse(json);
 
-  expect(version).toBe('0.1.0-alpha.11');
+  expect(version).toBe('0.1.0-alpha.12');
   expect(new URL(meta.notaryUrl!).protocol === 'http:');
   expect(server_name).toBe('raw.githubusercontent.com');
 

quickstart.md

@@ -36,7 +36,7 @@ For this demo, we also need to run a local notary server.
 * Or, compile and run the notary server natively:
      ```sh
      # Clone the TLSNotary repository:
-     git clone https://github.com/tlsnotary/tlsn.git --branch "v0.1.0-alpha.11"
+     git clone https://github.com/tlsnotary/tlsn.git --branch "v0.1.0-alpha.12"
      cd tlsn/crates/notary/server/
      # Run the notary server
      cargo run --release

src/lib.ts

@@ -78,13 +78,15 @@ export class Prover {
     };
     body?: unknown;
     maxSentData?: number;
+    maxSentRecords?: number,
     maxRecvData?: number;
     maxRecvDataOnline?: number;
-    maxSentRecords?: number,
-    maxRecvRecords?: number,
+    maxRecvRecordsOnline?: number,
     network?: NetworkSetting
     deferDecryptionFromStart?: boolean;
     commit?: Commit;
+    serverIdentity?: boolean
+    clientAuth?: [number[][], number[]];
   }): Promise<PresentationJSON> {
     const {
       url,
@@ -92,27 +94,30 @@ export class Prover {
       headers = {},
       body,
       maxSentData = 1024,
+      maxSentRecords,
       maxRecvData = 1024,
       maxRecvDataOnline,
-      maxSentRecords,
-      maxRecvRecords,
+      maxRecvRecordsOnline,
       network = 'Bandwidth',
       deferDecryptionFromStart,
       notaryUrl,
       websocketProxyUrl,
       commit: _commit,
+      serverIdentity = false,
+      clientAuth,
     } = options;
     const hostname = new URL(url).hostname;
     const notary = NotaryServer.from(notaryUrl);
     const prover = new WasmProver({
       server_name: hostname,
       max_sent_data: maxSentData,
+      max_sent_records: maxSentRecords,
       max_recv_data: maxRecvData,
       max_recv_data_online: maxRecvDataOnline,
+      max_recv_records_online: maxRecvRecordsOnline,
       defer_decryption_from_start: deferDecryptionFromStart,
-      max_sent_records: maxSentRecords,
-      max_recv_records: maxRecvRecords,
       network: network,
+      client_auth: clientAuth,
     });
 
     await prover.setup(await notary.sessionUrl(maxSentData, maxRecvData));
@@ -135,10 +140,11 @@ export class Prover {
 
     const { attestation, secrets } = await prover.notarize(commit);
 
-    const presentation = build_presentation(attestation, secrets, commit);
+    const reveal: Reveal = { ...commit, server_identity: serverIdentity }
+    const presentation = build_presentation(attestation, secrets, reveal);
 
     return {
-      version: '0.1.0-alpha.11',
+      version: '0.1.0-alpha.12',
       data: arrayToHex(presentation.serialize()),
       meta: {
         notaryUrl: notary.normalizeUrl(),
@@ -150,22 +156,24 @@ export class Prover {
   constructor(config: {
     serverDns: string;
     maxSentData?: number;
+    maxSentRecords?: number,
     maxRecvData?: number;
     maxRecvDataOnline?: number;
+    maxRecvRecordsOnline?: number,
     deferDecryptionFromStart?: boolean;
-    max_sent_records?: number,
-    max_recv_records?: number,
     network?: NetworkSetting
+    clientAuth?: [number[][], number[]] | undefined,
   }) {
     this.#config = {
       server_name: config.serverDns,
-      max_recv_data: config.maxRecvData || 1024,
       max_sent_data: config.maxSentData || 1024,
+      max_sent_records: config.maxSentRecords,
+      max_recv_data: config.maxRecvData || 1024,
       max_recv_data_online: config.maxRecvDataOnline,
+      max_recv_records_online: config.maxRecvRecordsOnline,
       defer_decryption_from_start: config.deferDecryptionFromStart,
-      max_sent_records: config.max_sent_records,
-      max_recv_records: config.max_recv_records,
       network: config.network || 'Bandwidth',
+      client_auth: config.clientAuth
     };
     this.#prover = new WasmProver(this.#config);
   }
@@ -279,12 +287,12 @@ export class Verifier {
   #config: VerifierConfig;
   #verifier: WasmVerifier;
 
-  constructor(config: { maxSentData?: number; maxRecvData?: number; maxSentRecords?: number; maxRecvRecords?: number }) {
+  constructor(config: { maxSentData?: number; maxRecvData?: number; maxSentRecords?: number; maxRecvRecordsOnline?: number }) {
     this.#config = {
       max_recv_data: config.maxRecvData || 1024,
       max_sent_data: config.maxSentData || 1024,
       max_sent_records: config.maxSentRecords,
-      max_recv_records: config.maxRecvRecords,
+      max_recv_records_online: config.maxRecvRecordsOnline,
     };
     this.#verifier = new WasmVerifier(this.#config);
   }
@@ -328,6 +336,7 @@ export class Presentation {
         params.reveal || {
           sent: [{ start: 0, end: transcript.sent.length }],
           recv: [{ start: 0, end: transcript.recv.length }],
+          server_identity: false,
         },
       );
       this.#websocketProxyUrl = params.websocketProxyUrl;
@@ -349,7 +358,7 @@ export class Presentation {
 
   async json(): Promise<PresentationJSON> {
     return {
-      version: '0.1.0-alpha.11',
+      version: '0.1.0-alpha.12',
       data: await this.serialize(),
       meta: {
         notaryUrl: this.#notaryUrl

src/transcript.ts

@@ -17,19 +17,11 @@ export class Transcript {
   }
 
   recv(redactedSymbol = '*') {
-    return this.#recv.reduce((recv: string, num) => {
-      recv =
-        recv + (num === 0 ? redactedSymbol : Buffer.from([num]).toString());
-      return recv;
-    }, '');
+    return bytesToUtf8(substituteRedactions(this.#recv, redactedSymbol));
   }
 
   sent(redactedSymbol = '*') {
-    return this.#sent.reduce((sent: string, num) => {
-      sent =
-        sent + (num === 0 ? redactedSymbol : Buffer.from([num]).toString());
-      return sent;
-    }, '');
+    return bytesToUtf8(substituteRedactions(this.#sent, redactedSymbol));
   }
 
   text = (redactedSymbol = '*') => {
@@ -101,3 +93,15 @@ function indexOfString(str: string, substr: string): number {
 function bytesSize(str: string): number {
   return Buffer.from(str).byteLength;
 }
+
+function bytesToUtf8(array: number[]): string {
+  return Buffer.from(array).toString("utf8");
+}
+
+function substituteRedactions(
+  array: number[],
+  redactedSymbol: string = "*",
+): number[] {
+  const replaceCharByte = redactedSymbol.charCodeAt(0);
+  return array.map((byte) => (byte === 0 ? replaceCharByte : byte));
+}

src/types.ts

@@ -4,7 +4,7 @@ export type CommitData = {
 };
 
 export type PresentationJSON = {
-  version: '0.1.0-alpha.7' | '0.1.0-alpha.8' | '0.1.0-alpha.9' | '0.1.0-alpha.10' | '0.1.0-alpha.11';
+  version: '0.1.0-alpha.7' | '0.1.0-alpha.8' | '0.1.0-alpha.9' | '0.1.0-alpha.10' | '0.1.0-alpha.11' | '0.1.0-alpha.12';
   data: string;
   meta: {
     notaryUrl?: string;

test/e2e/full-integration.spec.ts

@@ -6,6 +6,7 @@ import {
   mapStringToRange,
   subtractRanges,
   Transcript,
+  Reveal,
 } from '../../src/lib';
 import * as Comlink from 'comlink';
 import { HTTPParser } from 'http-parser-js';
@@ -79,10 +80,14 @@ const { init, Prover, Presentation }: any = Comlink.wrap(
     };
     console.log(commit);
     const notarizationOutput = await prover.notarize(commit);
+    const reveal: Reveal = {
+      ...commit,
+      server_identity: false,
+    };
     const presentation = (await new Presentation({
       attestationHex: notarizationOutput.attestation,
       secretsHex: notarizationOutput.secrets,
-      reveal: commit,
+      reveal: reveal,
       notaryUrl: notary.url,
       websocketProxyUrl: 'wss://notary.pse.dev/proxy',
     })) as _Presentation;